When you delete a file, it
is not removed from the disk. Under the Windows OS, the
space on the disk that is being occupied by this file is simply
marked as “available
space.” This allows for programs, like the Windows Recycle
Bin, to undelete a file
after you have
erased it. Additionally, it has been proven by some forensics
experts
that a file can be retrieved even after it has been overwritten
nine times. At that
level, an electron microscope is required. However, files
overwritten up to two times
can be retrieved using currently available software. To effectively
remove a file
permanently, a program such as Wipe
Disk, which overwrites a file or drive with 0s,
1s, and then 0s again, should be used. (There are some individuals
who believe
they can still successfully retrieve at least portions of
the data from the actual
physical memory.)
This course prepares
you for EC-Council Certified Ethical Hacker exam 312-50
Learn More about the Certified
Ethical Hacker Course
Who Should Attend
This course will significantly
benefit security officers, auditors, security professionals, site
administrators, and anyone who is concerned about the integrity of
the network infrastructure.
Duration:
5 days (9:00 – 5:00)
Certification
The Certified Ethical Hacker certification exam 312-50
will be conducted on the last day of training. Students need to pass
the online Prometric exam to receive CEH
certification.
Resources
To further your studies, you should check out the Network Security Archive.
Learn More about the Certified
Ethical Hacker Course
You can use this information to help determine
what skills you will need to perform penetration testing or
as a general guide of what to
look for when hiring a security consultant to perform these
services. We discuss the
contents of the consultant's tool
kit, or black bag, including the software and hardware
likely required. Further, we discuss the two variations of
a penetration test: announced to the
security team and system administrators or unannounced. In
either case, management
must always be fully aware and in support of your activities.
Documented support for your activities from top-level management
is a key component of
any penetration test. The activities associated with penetration
testing are considered
illegal under almost any circumstances other than at the request
of the company. In the
following section we discuss some of the legal issues we have
encountered while. The tester may
have access to sensitive data within the organization that
could be of material
consequence if disclosed. The organization must be confident
that this information will not
end up in the wrong hands. Untrustworthy testers are also
in the position to leave back
doors and Trojans to allow them access after the testing is
complete. In addition, the
results of penetration tests must be kept confidential. Computer
security today is a hot topic
within the media and Wall
Street. Either group could produce a substantial effect
on the
organization if poor test results were disclosed. Most professional
security consultants are
well aware of these ramifications and maintain high standards
of integrity and discretion.
However, background checks and references are a small safeguard
to assure you are
hiring a trustworthy individual.Penetration testing could
have very serious ramifications if not performed properly.
Normally, companies continue to conduct business while the
testing is being performed.
This increases the impact to the company if a system goes
down or is unintentionally
rendered useless. For these clients, these systems should
be considered “critical” and
addressed with due care. The company's management is faced
with maintaining a balance
between making sure the testing is complete and ensuring they
are still able to do business
so that revenue is not lost.
Further, the machines and systems being tested are very expensive.
Considering the cost
of configuration and ongoing maintenance and taking into account
the data and other
electronic assets (such as client databases, proprietary code,
documentation, and other
often irreplaceable intellectual property) on these machines,
the overall cost (or value) of
these systems can be tremendous.
In light of this, the potential legal consequences can be
quite serious as well.A request
from a company employee to perform a penetration test is not
necessarily a valid request.
If that person does not have the authority to request such
actions and indemnify you if
anything goes wrong, you may incur fees related to court costs
in addition to loss of fees
for services. Therefore, legal agreements must be reached
before the testing begins, and
the tester needs to make sure he or she has a signed “Get
Out of Jail Free Card” from a
company officer authorized to enter the organization into
a legally binding agreement. The
“Get
Out of Jail Free Card” generally entails a legal
agreement signed by an authorized
representative of the organization outlining the types of
activities to be performed and
indemnifying the tester against any loss or damages that may
result from the testing.
During the initial discovery phase of a penetration test,
identify the owners of the hardware
and software affected by the test. Both need to agree to the
test before it begins. Often,
and this is especially true for the e-commerce initiatives
of Internet startup firms, the
machines that support networking capabilities are leased from
an Internet/application
services provider. Also, firms may have their ISP configure
the router that leads to their
network in some way to help them filter traffic coming into
their network. When this is the
performing these tests.
We also include as a requirement of b
Source: Hack IT: Security Through Penetration Testing
